OWASP

Are you a developer who wants to better understand web application security? Are you a security practitioner who needs to delve into web app penetration testing? Well now you have your chance! Come and learn how to hack web applications and services from our Professionally Evil experts! Secure Ideas is excited to announce the latest in our course …

UPDATE: Updated the done steps. below. Also changed the links from S3 to Git. Since our founding in 2010 Secure Ideas has always tried to focus on education and increasing the amount of available knowledge in our field. As such we have contributed to courses, presented at conferences around the world and contributed to open …

MobiSec has undergone a major reconstruction and version 2.0 (actually 2.0.1) is now available for download on SourceForge. The popular mobile testing VM platform has been rebuilt on the latest Ubuntu 64-bit LTS. The tools have been modernized through updates and by replacing deprecated tools with better-supported equivalents. The environment has also been trimmed down …

Every pen tester looks forward to that next encounter that includes one of those uncommon vulnerabilities that ultimately result in an exciting session of exploration and learning. During a recent web penetration test I ran across one of these rare gems when I started seeing some odd behavior on a forgot password form. In this …

We are really excited to announce that SamuraiWTF 3.0 is now available publicly. (We did a previous release but found some issues and so that was pulled back.) This release is available at http://sourceforge.net/projects/samurai/ immediately and we hope you enjoy it. In this release we have updated the base operating system to Ubuntu 14.04 (hence the …

Ever thought about being able to test the security of your web applications? Wanted to know how the Professionally Evil hack web services and applications? Interested in upgrading your skills around attacking modern web applications? Well now you have your chance! Secure Ideas is excited to announce the latest in our course offerings. We will be …

I’m excited to announce that I will be returning to my hometown of Kingston, Ontario to teach a two-day, hands-on Secure Coding course at Kingston MakerSpace, May 5-6, 2014. This course is geared towards software developers who want to learn the details of common web application attacks and what coding strategies to use to properly …

Secure Ideas is excited to announce that Kevin Johnson and James Jardine will be teaching Advance Mobile PenTesting with MobiSec at Blackhat 2014. This course will be offered twice, in two day sessions. In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration testing of …

Secure Ideas is excited to announce that Jason Gillam will be teaching Mobile PenTesting with MobiSec at Charlotte ISSA 10th Annual Infosec Summit. Kevin Johnson, one of the course authors, may be available on the second day. In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration …

Tactical Burp Suite Webinar Secure Ideas is excited to announce its latest upcoming online training. We will be offering a two-hour session exploring Burp Suite and its use in a web application penetration test. Kevin Johnson and James Jardine will explore the various features of Burp Suite, focused on how we use the system during …